pattern-f
@pattern_F_
doing iOS&macOS security research
Joined August 2017
Posts
  • iOS 14.0 "remote jailbreak" demo.😎 (RCE + LPE exploit) Don't stay on versions on or below iOS 14.3. If you click a malicious link, bad guys would steal everything on your iPhone.
  • Stable kernel r/w technique for iOS 14. Useful to researchers.
  • iOS 15.x demo. Run 3 cmds: ls, id, sw_vers. There is a lot of trouble in iOS 15. Still a long way from a real jailbreak. iPhone XS, iOS 15.0: using CVE-2021-30883 (written months ago). iPhone 13 Pro, iOS 15.1: using CVE-2021-30955 (thanks @realBrightiup). I don't promise anything.
  • Write an iOS 14.6 (iPhoneXR, A12) jailbreak demo for CVE-2021-30883 (fixed in iOS 15.0.2, by @AmarSaar). Use a trick from oob-timestamp (by @_bazad). Run two commands: "id" and "ls /"
  • after months of hard work 👀
  • Write a jailbreak demo for CVE-2021-30883 (fixed in iOS 15.0.2, by @AmarSaar) on an iPhone 11 iOS 14.0. Why iOS 14.0? I just want to verify if the vulnerability is exploitable. The code is based on the old ipc_kmsg hack. The exploit has better speed than cicuta_virosa.
  • Got a credit from #unc0ver. ☺️
  • Got 6 CVEs from Apple😁 CVE-2021-1867, CVE-2021-1877, CVE-2021-1852, CVE-2021-1874, CVE-2021-1828, CVE-2021-1840
  • MD5 (TQ-pre-jailbreak .zip) = 49161ccfc399f2036dda8d654bd808f5 I'm planning to release it in a few days.
  • iOS 14.1, iPhone 12 (A12+ device), LPE exploit demo. Not a real #Jailbreak. About the video: I found an iPhone 12 that stayed on iOS 14.1 from my co-worker. I borrowed it and made a demo for the newest iPhone.😆 (English is too hard)
  • Update: make the exploit faster (cicuta_virosa @ModernPwner). Reduce the pain of running the exploit. Useful for researchers. iPhone 12: 65s -> 10s; iPhone 6s: 188s -> 68s
  • Here are the slides. Everything has Changed in iOS 14, but Jailbreak is Eternal i.blackhat.com/USA21/Wednesda…
  • Everything is OK. Now I'm waiting for "something special".🤪 It's time to go home. (Life is unpredictable)
  • My talk was accepted by BlackHat USA 2021. No new vulnerability. Just the story of my iOS Learning Journey.